How Symantec is rallying after a stock slump, a slide in partner satisfaction and an immense integration challenge

Just a year ago, it would have been impossible to think that Symantec--arguably one of the best-run companies in America, focused on one of the fastest-growing areas of information technology--would find itself mired in a stock slump, buffeted by new, competitive threats and plagued by subpar partner satisfaction.

Consider the evidence: Symantec shares are off 20 percent from a year ago and were down as much as 30 percent until recently. In contrast, rival McAfee's shares are up 40 percent over the past 12 months, while shares of Internet Security Solutions are up nearly one-third.

As for competitive threats, Symantec is facing adversaries from every direction. Traditional rivals Trend Micro and McAfee have both rallied with new products and strategies aimed at combating Symantec. Meanwhile, companies from which Symantec would like to steal share are proving extremely resilient. Take firewall giant Check Point Software Technologies. It countered Symantec's recent attempt to strengthen its hand in intrusion-prevention and antiphishing technology with last month's purchase of Sourcefire, a Columbia, Md.-based developer of intrusion-prevention software. That could help Check Point maintain its historic lead in key categories.

And then there's the thorny issue of Cisco Systems, the world leader in networking equipment and a key Symantec ally. Two years ago, it acquired Okena, a host-intrusion-prevention company whose products Cisco now markets as the Cisco Security Agent. More recently, it bought FineGround, a provider of network appliances that accelerate, secure and monitor application delivery, and MI Secure, a Campbell, Calif.-based developer of security and VPN solutions. Clearly, Cisco wants a bigger share of the security market, which will undoubtedly come at Symantec's expense.

Add to that a raft of highly focused newcomers, and Symantec is facing an entirely new competitive landscape from what it faced just two years ago. Oh, and one more thing: It now must try to rein in the world's largest and most successful software company on the planet, Microsoft. Yes, Microsoft, too, has ambitions in security. It has purchased several security-software companies, including antivirus innovator Sybari and antispyware developer Giant Company Software. More recently, Microsoft detailed preliminary product plans and strategies. In mid-October, the software behemoth unveiled Microsoft Client Protection, which will offer basic desktop antivirus and antispyware--the very place Symantec makes much of its profits.

Then there's the issue of disappointing partner satisfaction. In the recent VARBusiness Annual Report Card survey, Symantec dropped further behind its rivals in security-management software and security appliances. In both categories, Symantec finished near the bottom--an indication that the ambitious acquisition of Veritas has led to at least some confusion and disappointment in the field. Now, even Symantec CEO John Thompson is beginning to realize that his company has not handled everything optimally. In an exclusive interview with VARBusiness, the otherwise optimistic Thompson says bluntly, "We made our share of mistakes. We focused too much on the 'what' instead of the 'why.'"

That said, Thompson remains confident that his diversification strategy is sound and that his company will be vindicated by market acceptance and sales growth. "We made a strategic move with the Veritas merger after realizing that security was necessary, but not sufficient," he says.

More Than Most

What could suffice customers' long-term security and storage-management needs may be found in the new products, strategies and ideas emanating from the company today. But it is not yet clear whether Symantec can successfully integrate Veritas or, frankly, whether the market desires it to do so.

Theoretically, customers want integrated solutions. But they don't want to wait forever for them. That has put enormous pressure on the once unflappable security software company to simultaneously integrate a diverse channel, rationalize a product portfolio and quickly balance incompatible systems, processes and strategies. Case in point: Symantec is trying to reconcile several different software-licensing plans--more than even Microsoft. Symantec claims to have made great progress integrating its various businesses, but it needs more time. That's partly because Symantec continues to add to its complexity by buying more companies. In October alone, it completed two more acquisitions: endpoint security pioneer Sygate and antiphishing innovator WholeSecurity. It also announced plans to buy a third, policy-management vendor BindView.

Symantec's challenges are also complicated by additional churn inside the company. September, for example, saw president John Schwarz leave for the CEO post at Business Objects, and longtime worldwide channels chief, senior vice president Allyson Seelinger, resigned this month for personal reasons.(For a look at her replacement, Julie Parrish, read "The Parrish File" at www.varbusiness.com.)

Churn is also happening in the field and within Symantec's customer base. Internet Security Systems, for example, says the number of resumes it has received from Symantec workers has increased sharply, while Eset, a threat-protection software vendor based in Coronado, Calif., says half of its business now comes from former Symantec customers. "[They] feel they've been gouged and aren't getting the protection they should for the price they paid," CTO Andrew Lee says.

All of the above has given competitors more room to maneuver against Symantec than at any other time in recent memory. And, boy, are they ever trying to make the most of the opportunities.

Competitive Pressures

When McAfee president Gene Hodges first heard about rival Symantec's bid to buy Veritas, it gave him cause to stop and rethink his own company's strategy. But only for a minute. Diversification? Been there, done that, he says.

"In the past, there was lots of quandary about diversifying. We did that up to 2002. But we found that we couldn't be best-in-class in every [security] category," Hodges says. "Plus, it's a beguiling message to customers and partners when you try to be everything to everyone."

Fellow Symantec competitor Trend Micro believes the same.

"Being a consolidator in an industry has the offsetting impact of taking your focus away from the security industry," says Lane Bess, president of Trend Micro's North American operations. Symantec, which has promoted the idea that an industry consolidator is best-positioned to provide customers the integrated security and storage solutions they seek, has not delivered on that promise, he says.

"The reality is that the integration and the technologies coming through the consolidation have not provided a simple solution for customers to buy. In addition, the solutions can be so complex that it has fueled the need for Symantec to put in place a systems-integration-type component to its business, which is in many ways a threat to the channel," Bess says. Coincidentally, Trend Micro has seen its competitive displacements grow at Symantec's expense quarter-over-quarter for the past six consecutive reporting periods, Bess notes.

VARs themselves have seen no less. Vigilar CEO Palaniswamy Rajan says Symantec's products have lost several competitive "bake-offs" that his company has performed. The problem: Symantec's products sometimes lack the functionality that can be achieved with best-of-breed products from various companies. That has troubled him and prompted his organization to consider alternatives. "I want to remain loyal, but I do not want to lose business," he says.

Gearing Up

Symantec, of course, doesn't want to lose the loyalty of Rajan or its other 8,000 partners. To win them over, Symantec has taken a number of steps toward improvement. For starters, it has increased financial incentives to those who sell Veritas' products. It has streamlined and improved its partner portal, and taken an ax to complexity in everything from legal contracts, special orders and even support policies. It also has tried to keep tumult in the field to a minimum, adopting a "stay-in-your-lane" strategy that keeps Symantec and Veritas field people in their roles where possible. That has not worked out 100 percent of the time, but has limited upheaval.

More recently, Symantec has come forward with some program enhancements. For example, it recently unveiled the Symantec Certified Technical Specialist, Small Business Security program, which offers certification training and business tools to help channel partners build security practices with repeatable solutions.

Prior to that, the company announced upgrades to key products that have given partners legitimate reason to rethink any misgivings about the merger. When Symantec announced its deal last year, Greg Barry, vice president of business development at New York-based Power Consulting, was not sure what to make of it. A Symantec partner that sold Symantec's LiveState Recovery product to midsize enterprises in New York's financial community, Power Consulting eschewed selling Veritas' Backup Exec due to the limited margin opportunity. But the new Backup Exec version 10d offers continuous data protection and allows individuals to recover their own files regardless of location using a Web-based interface. Given that nearly 90 percent of Power Consulting's client base has Backup Exec and half haven't upgraded in a while, Barry is in an enviable position to make the most of the Veritas merger.

Another reason Barry will benefit: Symantec's desire to drive as many Veritas product sales through partners as possible. Senior vice president of the Americas Steve Messick says as much, as does former Veritas CEO and current Symantec president Gary Bloom. Selling Symantec's blended stack of security and storage-management products offers business allies "a huge upselling/cross-selling opportunity for our partner community," Bloom says.

How big an opportunity is anyone's guess. Symantec and industry observers estimate that as much as $29 billion is up for grabs in security and storage-management software in various buckets. That's roughly as much as Microsoft generated in total worldwide sales just a few years ago--enough to sustain more than 100,000 partners worldwide.

"Symantec and Veritas are trying to marry Symantec's security strengths with Veritas' enterprise storage-management aspect, which is a different variation than McAfee's business [or] Computer Associates'," says Rich Severa, president of MOCA, a large wholesaler of midrange systems and software. "The market is vast, and each company has lots of room to grow."